On 2007.05.16 at 16:03:38 +0530, Urjit Gokhale wrote:

>    Hello everyone,
> 
>    I have some doubts about certificates, which I wish to get clarification
>    on.
> 
>    Here is my understanding about certificates:
>    * Certificates bind the public key with some other information like the
>    name of the owner (user), who generated the certificate, the validity
>    period etc.

Almost true, but the user never generates the certificate. The user generates
a certificate signing request (CSR) and sends it to the CA. The CA generates
the certificate, and can add or remove some information from the user's request.
It is the CA's signature under the certificate, and it is up to the CA to decide
which information to certify with it.

>    * The certificates are signed by some entity (CA), just to assure that
>    association between the public key and the other information is correct.
>    This helps in identifying the authenticity of the certificate.

True

>    Now, I state what *I believe* is true in case of PKI and certificates:
>    1) A private key-public key pair created, can be

Typically, the user generates the key pair and never discloses the private part of
it to any authority. That is why it is called "private".

>      a) given to a specific user,
>      b) stored on a specific machine. (By some authority ?)

If you are speaking about a server key pair (i.e. one which identifies an
https server), the key pair and CSR are typically generated by the system
administrator of this server.


>    2) In the first case, the user can take the keys with him, and use these
>    for communication from any machine. The other end, on seeing the
>    certificate can know that user 'xyz' is communicating with it.

This is _probably_ user 'xyz', unless somebody stole his private key.
(If user 'xyz' noticed the theft, he should notify the CA and the CA would revoke
the certificate. This is why checking the CRL (Certificate Revocation List)
or online validation via the OCSP protocol is important.)


>    3) in the second case, any user using that particular machine can use the
>    key pair to communicate (assuming he has access rights). The other end, on

Typically, nobody except root or the user under which the appropriate server is
invoked has access rights to the private key.
Because if any untrusted person can read this key, he can transfer it to
some other machine and impersonate the machine in question.

>    seeing the certificate can know that someone from machine
>    'abc.def.ghi.jkl' is communicating with it.
> 
>    Is this understanding correct?
>    If yes, I would like to know how can I generate a certificate that binds
>    the public key with a particular username or a particular machine?

A certificate (and CSR) has a so-called Distinguished Name property.
This property is a list of name-value pairs. There is a list of standard
field names, such as Country, Location, Organization.

The most important one is Common Name. If we are generating a certificate for a
user, Common Name should contain the name of this user. If we are generating a
certificate for a server (machine), Common Name should contain the DNS name of
this machine. A machine can have multiple IP addresses and multiple names
associated with each of them.

Typically, server certificate validation works the following way:
1. The user gives the client software a URL which includes the server name to
connect to.
2. The software resolves the name via DNS to an IP address.
3. The software connects to this address and starts the TLS handshake.
4. The server which listens on the address sends its certificate.
5. The software (i.e. the OpenSSL library) checks that the certificate is signed by a
proper CA, using the certificate store provided in the software configuration.
6. The CN field of the certificate should be compared with the server name given in
the URL. Since the OpenSSL library doesn't have access to the URL (it receives
an already connected socket), it cannot do this itself. So it is up to the
application which uses the library.



>    how can a peer authenticate / validate this particular certificate? Could
>    someone please provide a sample validation callback function code?

There is no need to use a callback. The default callback is good enough.
You can just wait for successful completion of the handshake, then obtain the
peer (server) certificate via the SSL_get_peer_certificate (or
SSL_get_peer_cert_chain) function as an X509 structure,
extract the distinguished name using the X509_get_subject_name function, and
then get the CN field from it using the X509_NAME_get_text_by_NID function,
passing the NID_commonName constant as the nid parameter.


>    Also,
> 
> 
>    DISCLAIMER ========== This e-mail may contain privileged and confidential
>    information which is the property of Persistent Systems Pvt. Ltd. It is
>    intended only for the use of the individual or entity to which it is
>    addressed. If you are not the intended recipient, you are not authorized
>    to read, retain, copy, print, distribute or use this message. If you have
>    received this communication in error, please notify the sender and delete
>    all copies of this message. Persistent Systems Pvt. Ltd. does not accept
>    any liability for virus infected mails.
______________________________________________________________________
OpenSSL Project                                 http://www.openssl.org
User Support Mailing List                    openssl-users@openssl.org
Automated List Manager                           [EMAIL PROTECTED]

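The comparison in step 6 of the reply above (certificate name versus the host name taken from the URL), written out as an added example; it is not code from the original posting and not OpenSSL's own code. It is plain C with no OpenSSL linkage and assumes the name strings have already been pulled out of the X509 structure the way the reply describes (X509_get_subject_name plus X509_NAME_get_text_by_NID with NID_commonName), and that the caller has already confirmed the chain with SSL_get_verify_result() before trusting anything in the certificate. Going beyond the post, it accepts a list of candidate names (a certificate's subjectAltName dNSName entries can be fed in alongside the CN) and handles the wildcard form `*.example.com` the way browsers do: the `*` must be the whole leftmost label, matches exactly one label, needs at least two labels after it, and never matches an IP literal.

```c
#include <ctype.h>
#include <stdio.h>
#include <string.h>

/* Added example: host-name matching for TLS server certificate names.
 * Not OpenSSL code; the name strings are assumed to come from
 * X509_NAME_get_text_by_NID(..., NID_commonName, ...) or a dNSName SAN.
 * X509_NAME_get_text_by_NID returns the length it wrote; the caller should
 * check that it equals strlen() of the buffer, because a C string cannot
 * represent an embedded NUL that the ASN.1 string may contain. */

/* Case-insensitive comparison of two byte ranges (DNS names are ASCII). */
static int label_eq(const char *a, size_t alen, const char *b, size_t blen)
{
    if (alen != blen)
        return 0;
    for (size_t i = 0; i < alen; i++)
        if (tolower((unsigned char)a[i]) != tolower((unsigned char)b[i]))
            return 0;
    return 1;
}

/* Length without one trailing dot: "example.com." names the same host. */
static size_t effective_len(const char *s)
{
    size_t n = strlen(s);
    if (n > 0 && s[n - 1] == '.')
        n--;
    return n;
}

/* Number of dot-separated labels in s[0..n). */
static size_t count_labels(const char *s, size_t n)
{
    if (n == 0)
        return 0;
    size_t labels = 1;
    for (size_t i = 0; i < n; i++)
        if (s[i] == '.')
            labels++;
    return labels;
}

/* Returns 1 if the host from the URL is matched by a name from the
 * certificate: case-insensitive exact match, or "*.rest" where '*' is the
 * entire first label, matches exactly one non-empty label, and "rest" has
 * at least two labels (so "*.com" matches nothing). Wildcards never match
 * an IP literal. Returns 0 otherwise. */
int hostname_matches(const char *pattern, const char *host)
{
    size_t plen = effective_len(pattern);
    size_t hlen = effective_len(host);

    if (plen == 0 || hlen == 0)
        return 0;

    const char *star = memchr(pattern, '*', plen);
    if (star == NULL)                       /* no wildcard: plain comparison */
        return label_eq(pattern, plen, host, hlen);

    if (star != pattern || plen < 2 || pattern[1] != '.')
        return 0;                           /* '*' must be the whole first label */
    if (memchr(pattern + 1, '*', plen - 1) != NULL)
        return 0;                           /* only one '*' allowed */
    if (count_labels(pattern, plen) < 3)
        return 0;                           /* "*.com" is too broad */

    /* Reject IP literals: anything with ':' (IPv6) or only digits and dots. */
    int digits_and_dots = 1;
    for (size_t i = 0; i < hlen; i++) {
        if (host[i] == ':')
            return 0;
        if (!(isdigit((unsigned char)host[i]) || host[i] == '.'))
            digits_and_dots = 0;
    }
    if (digits_and_dots)
        return 0;

    /* The wildcard consumes the host's first label; the remainder
     * (starting at the dot) must equal the pattern after the '*'. */
    const char *dot = memchr(host, '.', hlen);
    if (dot == NULL || dot == host)
        return 0;
    size_t rest = hlen - (size_t)(dot - host);
    return label_eq(pattern + 1, plen - 1, dot, rest);
}

/* Step 6 over every name the certificate carries: returns the index of the
 * first matching name, or -1 if none matches and the connection must be
 * rejected. */
int find_matching_name(const char *host, const char *const *names, size_t n)
{
    for (size_t i = 0; i < n; i++)
        if (hostname_matches(names[i], host))
            return (int)i;
    return -1;
}

int main(void)
{
    /* Constructed sample names, as if read from a certificate's CN and SANs. */
    const char *names[] = { "www.example.com", "*.example.net" };
    const char *hosts[] = { "WWW.example.com", "api.example.net",
                            "a.b.example.net", "example.net", "192.0.2.10" };
    for (size_t i = 0; i < sizeof hosts / sizeof hosts[0]; i++)
        printf("%-16s -> %d\n", hosts[i],
               find_matching_name(hosts[i], names, 2));
    return 0;
}
```

In a real client this runs right after the handshake: take the host string from the URL (not the resolved IP address, as the reply's step 2 would suggest), collect the CN (and any SAN dNSName values) into the `names` array, and close the connection if `find_matching_name` returns -1. If the context was created with SSL_VERIFY_NONE the handshake succeeds even with an untrusted chain, so SSL_get_verify_result() must also be consulted before the name check means anything.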